Exploiting file upload vulnerabilities to execute arbitrary code.
Category: Web Application
SQL Injection
SQL Injection for MySQL databases.
XML External Entity Injection (XXE)
Exploiting XML parsers.
Web Content Discovery
Identifying web content to launch further attacks.
Cross Site Scripting (XSS)
Injecting malicious code into web applications.
Hack The Box Certified Bug Bounty Hunter (HTB CBBH)
A review of the CBBH course and exam.
Local File Inclusion (LFI) Attacks
Exploiting LFI vulnerabilities in web applications.
Flask Session Cookies
Decoding Flask signed session cookies.
Server Side Template Injection (SSTI)
SSTI attacks against Python Flask applications.